DevSecOps Engineer (R2178)

Security and Compliance Seattle, Washington Durham, North Carolina

Join us in building a secure platform supporting Avalara's expanding business. In this role you will have the opportunity to engage with the best and brightest engineers and architects as they build our future application and service capabilities, while ensuring our current generation solutions continue to deliver the trust and reliability our customers expect. If you want to make a big difference in a fast-moving environment without endless meetings, if you want to set your direction instead of having it set for you, if you want to have all of the benefits of start-up and an established company, then this is the job for you.

Our ideal DevSecOps Automation Engineer has experience working on a variety of platforms and technologies and is passionate about security's importance in the CI/CD pipeline. Automation is fundamental to modern agile security organizations, and you will be responsible for making the security pipeline and the underlying infrastructure valuable and consistent. You will strive toward Infrastructure-as-Code and Policy-as-Code to make our systems as reliable and maintainable as possible. You will provide guidance, training, and support to the rest of the Application Security team as they contribute additional tools to the security pipeline. You will be able to talk tech and business. You will work tirelessly to find the right solution, not the first solution. You thrive on challenge and you are not afraid to dig in, all while having fun and not getting too serious.

Job Duties

  • Creating and managing a security automation framework and pipeline.
  • Maintaining and improving the infrastructure that security relies upon.
  • Evangelizing and assisting the development teams with tool integrations across the organization
  • Providing training and guidance to security engineering to integrate new tools into the security pipeline.
  • Developing and implementing manual and automated security tests.


  • Experience working with tools that support a secure SDLC (PrismaCloud, CheckMarx, ThreadFix, Acunetix, Burp Suite, etc)
  • 5+ years' experience software development experience, preferring Go, Python, and .Net
  • Experience working with IaC and PaC.
  • Understanding of common cryptographic and authN/authZ standards (TLS, SAML, OAuth, etc)
  • Experience working with a variety of development tools, languages, and environments, including .NET, Java, PHP, Node.js, Ember, SQL Server, and Amazon Web Services
  • Experience performing peer code review.
  • Experience with agile software development processes and methodologies
  • Working knowledge of source code repositories including Git

Preferred Qualifications

  • Bachelor's Degree in Computer Science, Engineering, or related field
  • Experience in Security Engineering roles, in support of the SDLC
  • Experience working within an AWS environment.

About Avalara

We are building cloud-based tax compliance solutions to handle every transaction in the world.

Imagine every transaction you make — every tank of gas, cup of coffee, or pair of sneakers, every movie ticket, meal kit, or streamed song, every sensor-to-sensor ping. Nearly every time you make a purchase, physical or digital, there’s an accompanying unique and nuanced tax compliance calculation.

The logic behind calculating taxes — the rules, rates, and boundaries — is a global, layered, three-dimensional mess of complexity, with compliance dictated by governments and applied by every business, every day.

Avalara works with businesses of all sizes, all over the world — from corner stores to gigantic global retailers — to calculate tax accurately and automatically, at speeds measured in milliseconds.

That is a massive technical challenge, in terms of scale, reliability, and complexity, and we do it better than anyone. That is why we’re growing fast.

Headquartered in Seattle, Avalara has offices across the U.S. and around the world, in Belgium, Brazil, Canada, India, and the U.K.

Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, colour, creed, religion, age, gender, national orientation, disability, sexual orientation, or any other factor protected by law.

Avalara is an Equal Opportunity Employer. All qualified candidates will receive consideration for employment without regard to race, color, creed, religion, age, gender, national orientation, disability, sexual orientation, US Veteran status, or any other factor protected by law.